Shodan
Vulnerabilities
Vulnerable Software
Moxa:  >> Mxview  >> 3.1.8  Security Vulnerabilities
CVE-2021-38452
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-10-12
CVE-2021-38454
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
CVSS Score
10.0
EPSS Score
0.006
Published
2021-10-12
CVE-2021-38456
A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords
CVSS Score
9.8
EPSS Score
0.002
Published
2021-10-12
CVE-2021-38458
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
CVSS Score
9.8
EPSS Score
0.008
Published
2021-10-12
CVE-2021-38460
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-10-12
CVE-2020-13536
An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXViewService, which starts as a NT SYSTEM authority user executes a series of Node.Js scripts to start additional application functionality.
CVSS Score
9.3
EPSS Score
0.0
Published
2020-11-05
CVE-2020-13537
An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXViewService, which starts as a NT SYSTEM authority user executes a series of Node.Js scripts to start additional application functionality and among them the mosquitto executable is also run.
CVSS Score
9.3
EPSS Score
0.0
Published
2020-11-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved